Enable Node.js Permission Model
The Node.js runtime has a built-in permission model that restricts a process's access to specific system resources. It is switched on per process from the command line (`--permission`; `--experimental-permission` on Node.js 20 and 22, where the feature was still experimental) and, once enabled, denies access to every supported resource unless an `--allow-*` flag explicitly grants it. Limiting what the process can touch limits the blast radius if the application, or one of its dependencies, is compromised.
Supported Resources for Node.js Permission Model
The following resources are covered by the Node.js permission model:
- File system access - via the `--allow-fs-read` and `--allow-fs-write` flags. Each takes an absolute path (a file or a directory) and may be repeated to grant several paths; `--allow-fs-read=*` or `--allow-fs-write=*` grants everything. Two caveats: the entry-point script itself must be covered by an `--allow-fs-read` grant, otherwise Node.js cannot even load it; and symbolic links inside a granted path are followed even when they point outside it, so do not grant directories containing links you do not control.
- Child process access - via the `--allow-child-process` flag. The model does not propagate into the spawned process: a child runs with the parent's full operating-system privileges unless it is itself started with the permission flags, so this grant effectively hands back everything the model took away.
- Worker threads access - via the `--allow-worker` flag.
- Native add-ons access - via the `--allow-addons` flag. A native add-on runs outside the JavaScript sandbox entirely, so granting this also sidesteps the model.
- WASI modules access - via the `--allow-wasi` flag.
Node.js Permission Model Example
In practice, you enable the permission model from the `start` script in `package.json` by launching Node.js with the `--permission` flag (`--experimental-permission` on Node.js 20 and 22) together with the `--allow-*` flags the application actually needs, at minimum an `--allow-fs-read` grant covering `server.js` itself.
With that in place, `server.js` can read only the paths its `--allow-fs-read` grants cover. Any read outside them fails: when the application tries to load its `.env` file (for example through the dotenv package) and no grant covers that file, Node.js throws an error with `code` set to `ERR_ACCESS_DENIED`, `permission` set to `FileSystemRead`, and `resource` set to the path that was refused.
Benefits of Node.js Permission Model
The benefits of enabling the Node.js permission model include:
- Low-privilege access to system resources - The principle of least privilege is a widely adopted security practice: an application gets only the permissions and capabilities it needs, which reduces its attack surface. The permission model applies that principle at the process level, so a compromised application cannot read or write files, spawn processes or load native code beyond what was explicitly granted.
- Supply chain security defense - A malicious or compromised npm dependency runs with exactly the privileges of the application that loads it. With the model enabled, a package that tries to spawn a child process, read credentials from disk or write outside the granted paths gets `ERR_ACCESS_DENIED` instead, which both contains the damage and produces a clear signal in the application's logs that something is wrong.